package com.numbfish.sample;

import com.nimbusds.jose.jwk.*;
import com.nimbusds.jose.jwk.source.JWKSource;
import com.nimbusds.jose.jwk.source.JWKSourceBuilder;
import com.nimbusds.jose.proc.SecurityContext;
import com.nimbusds.jose.proc.SimpleSecurityContext;
import org.junit.jupiter.api.Test;

import java.net.MalformedURLException;
import java.net.URL;
import java.util.List;

public class Ex04_JWK_set {
    @Test
    public void test1() throws Exception {

        // The public JWK set URL
        URL url = new URL("https://example.com/jwks.json");

        // Will select RSA keys marked for signature use only
        JWKSelector selector = new JWKSelector(
                new JWKMatcher.Builder()
                        .keyType(KeyType.RSA)
                        .keyUse(KeyUse.SIGNATURE)
                        .build());

        // Some security context that may be required by the JOSE
        // signature checking and JWT processing framework, may be
        // null if not required
        SecurityContext ctx = new SimpleSecurityContext();

        // Create a new JWK source with rate limiting and refresh ahead
        // caching, using sensible default settings
        JWKSource<SecurityContext> jwkSource = JWKSourceBuilder.create(url)
                .build();

        // Retrieve the matching JWKs from the source
        List<JWK> jwks = jwkSource.get(selector, ctx);

    }
}
